Review comments - added elay and friendly error for no access to cert…

… private key

AzureDeploymentCmdlets/src/AzureDeploymentCmdlets/Cmdlet/PublishAzureService.cs

@@ -18,6 +18,7 @@
 using System.IO;
 using System.Linq;
 using System.Management.Automation;
+using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Security.Permissions;
 using System.ServiceModel;
@@ -160,7 +161,7 @@ public void PublishService(string serviceRootPath)
                 CreateHostedService();
                 CreateNewDeployment();
             }
-            
+
             // Verify the deployment succeeded by checking that each of the
             // roles are running
             VerifyDeployment();
@@ -558,10 +559,11 @@ private void WaitForCertificateToBeAdded(ServiceConfigurationSchema.Certificate
             CertificateList certificates = null;
             do
             {
+                Thread.Sleep(TimeSpan.FromMilliseconds(500));
                 certificates = RetryCall<CertificateList>(subscription =>
                     Channel.ListCertificates(subscription, _hostedServiceName));
             }
-            while (certificates== null || certificates.Count<Certificate>(c => c.Thumbprint.Equals(
+            while (certificates == null || certificates.Count<Certificate>(c => c.Thumbprint.Equals(
                 certificate.thumbprint, StringComparison.OrdinalIgnoreCase)) < 1);
         }
 
@@ -706,7 +708,7 @@ private void VerifyDeployment()
                         _deploymentSettings.ServiceSettings.Slot));
             }
         }
-        
+
         private void AddCertificates(CertificateList uploadedCertificates)
         {
             if (_azureService.Components.CloudConfig.Role != null)
@@ -717,12 +719,21 @@ private void AddCertificates(CertificateList uploadedCertificates)
                         certElement.thumbprint, StringComparison.OrdinalIgnoreCase)) < 1))
                     {
                         X509Certificate2 cert = General.GetCertificateFromStore(certElement.thumbprint);
-                        CertificateFile certFile = new CertificateFile
+                        CertificateFile certFile = null;
+                        try
                         {
-                            Data = Convert.ToBase64String(cert.Export(X509ContentType.Pfx, string.Empty)),
-                            Password = string.Empty,
-                            CertificateFormat = "pfx"
-                        };
+                            certFile = new CertificateFile
+                            {
+                                Data = Convert.ToBase64String(cert.Export(X509ContentType.Pfx, string.Empty)),
+                                Password = string.Empty,
+                                CertificateFormat = "pfx"
+                            };
+                        }
+                        catch (CryptographicException exception)
+                        {
+                            throw new ArgumentException(string.Format(Resources.CertificatePrivateKeyAccessError, certElement.name), exception);
+                        }
+
                         RetryCall(subscription => Channel.AddCertificates(subscription, _hostedServiceName, certFile));
                         WaitForCertificateToBeAdded(certElement);
                     }

AzureDeploymentCmdlets/src/AzureDeploymentCmdlets/Properties/Resources.resx

@@ -611,4 +611,7 @@
   <data name="EnableRemoteDesktop_FriendlyCertificateName" xml:space="preserve">
     <value>Windows Azure Node Certificate</value>
   </data>
-</root>
+  <data name="CertificatePrivateKeyAccessError" xml:space="preserve">
+    <value>Your account does not have access to the private key for certificate {0}</value>
+  </data>
+</root>